CVE-2020-8564

2020-12-07T00:00:00
ID UB:CVE-2020-8564
Type ubuntucve
Reporter ubuntu.com
Modified 2020-12-07T00:00:00

Description

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects < v1.19.3, < v1.18.10, < v1.17.13.

Bugs

  • <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972341>

Notes

Author| Note
---|---
leosilva | kubernates is in fact a kubernetes installer that calls snap, not the package it self.